/**
 * @Date: Feb 19, 2010 6:49:19 PM
 */
package com.philip.journal.login.service;

import java.util.Map;

import com.philip.journal.core.bean.User;
import com.philip.journal.login.service.exception.IncorrectPasswordException;
import com.philip.journal.login.service.exception.UserNotFoundException;

/**
 * Provides User related services.
 *
 * @author cry30
 */
public interface LoginService {

    /**
     * Authenticates the user against the system.
     *
     * @param session - server side session.
     * @param username case sensitive username to authenticate.
     * @param password case sensitive password.
     * @return the authenticated User object.
     * @exception UserNotFoundException when the username does not exist in the data source.
     * @exception IncorrectPasswordException when the supplied username was found but an invalid password has been
     *                supplied.
     * @see com.philip.journal.core.bean.User
     */
    User authenticateUser(Map<String, Object> session, String username, String password);

    /**
     * RTFC.
     *
     * @param session - server side session.
     * @return the current User object.
     * @see com.philip.journal.core.bean.User
     */
    User getCurrentUser(Map<String, Object> session);

    /**
     * Changes the password. Currently no control is made to ensure about the security of the new password.
     * 
     * @param session - server side session.
     * 
     * @param oldPassword - used to initially validate the user.
     * @param newPassword - new password to set
     * @exception IncorrectPasswordException - when the supplied old password does not match the current password
     * @see com.philip.journal.core.bean.User
     */
    void changePassword(Map<String, Object> session, String oldPassword, String newPassword);

}
